Polkit Privilege Escalation - (CVE-2021-4034) - Is AWX vulnerable

ansible / awx

AWX provides a web-based user interface, REST API, and task engine built on top of Ansible. It is one of the upstream projects for Red Hat Ansible Automation Platform.

Other

13.86k stars 3.4k forks source link

Polkit Privilege Escalation - (CVE-2021-4034) - Is AWX vulnerable #11631

Closed spisakni closed 2 years ago

spisakni commented 2 years ago

For all security related bugs, email security@ansible.com instead of using this issue tracker and you will receive a prompt response.

For more information on the Ansible community's practices regarding responsible disclosure, see https://www.ansible.com/security

Posting this here and will email... Is AWX vulnerable to Polkit Privilege Escalation - (CVE-2021-4034)

shanemcd commented 2 years ago

Not sure about older versions. Please verify you are on the latest release. We're using CentOS Stream 9 as the base image and that should be up-to-date.